Skip to main content
Manage TLS (SSL) certificates
Last update:

Manage TLS (SSL) certificates

TLS(SSL)-certificate is a unique digital signature of a website. TLS(SSL)-certificate is required for a secure connection between the client and the server (HTTPS protocol) when transmitting confidential information and conducting financial transactions.

Types of TLS(SSL) Certificates

ServiceLet's Encrypt®Personal
ProvidersAkamaiSelectelSelectel
DomainsDefault domainAll CDN resource domainsPersonal domains of the resource, which are specified in the certificate
ManagementYou can't controlYou can't controlDisconnect
Make active
Delete
UpdateAutomaticallyAutomaticallyManually

Service Certificate

A free service certificate is issued automatically when creating a CDN resource Akamai and applies only to default domains. If you add a personal domain to the Akamai resource, content distribution will be done via HTTP only.

You cannot make changes to the operation of the service certificate.

Let's Encrypt® Certificate

The Let's Encrypt® certificate is issued automatically when a Selectel CDN resource is created and applies to all default domains and personal domains connected to the resource.

Let's Encrypt® certificate has the following properties:

  • certificate cannot be disabled or deleted, only replaced with a personalized certificate;
  • A CDN resource can have only one valid Let's Encrypt® certificate;
  • the certificate does not need to be manually renewed, it is automatically reissued when it expires.

Read more about Let's Encrypt® certificate restrictions in the article Rate Limits Let's Encrypt® documentation.

Personalized certificate

The personalized certificate applies to personal domains Selectel resource that are specified in this certificate.

A CDN resource can have only one TLS(SSL) certificate active. If there are personal domains connected to the resource that are not specified in the certificate, content distribution through them will be performed only via HTTP.

If you remove the personal certificate, the resource is automatically issued for the resource Let's Encrypt® certificate.

Add a personalized certificate

  1. In control panels go to CDNCDN resources.

  2. Open the CDN resource page.

  3. Open the tab Certificates.

  4. Click Add a certificate.

  5. Open the tab Personal.

  6. Insert the certificate for the domain. It must begin with -----BEGIN CERTIFICATE----- and end -----END CERTIFICATE-----.

    If you need to add multiple certificates, make sure that all certificates (primary certificate for the domain, intermediate certificates, and root certificate) create a complete chain. Value Issuer of the main certificate must match the value of the Subject of the first intermediate certificate, the value of Issuer of the first intermediate certificate with Subject the second intermediate and so on.

  7. Insert the private key. It must begin with -----BEGIN PRIVATE KEY----- and end -----END PRIVATE KEY-----.

  8. Click Add a personal SSL certificate.